From d51d4f9ae104e5baa023941337f015374c536200 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A2u=20Cao?= Date: Tue, 11 Jun 2024 22:53:23 +0200 Subject: [PATCH] Create/deploy strfry VM --- clients/strfry-1.json | 4 + nodes/strfry-1.json | 1318 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 1322 insertions(+) create mode 100644 clients/strfry-1.json create mode 100644 nodes/strfry-1.json diff --git a/clients/strfry-1.json b/clients/strfry-1.json new file mode 100644 index 0000000..3ca35c9 --- /dev/null +++ b/clients/strfry-1.json @@ -0,0 +1,4 @@ +{ + "name": "strfry-1", + "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDV/RMGMXVDbvoA6PNh8\nQzhtHwYDCFcUSkbrwP6tzh6GpVunGEOdOdhj2V63T2tF1H+lujxQXh5pK7C0D6VZ\niO04ftJlo7/svyxUcwWr+znyN5sFdQRh3cBZiGSBYolizwoqgtPFlbNhmWAzV0Du\n9t8mhz70IK3B+UdwWyHtoK0NNsJGnQ9YzAvcjyDmEO/3sCjAhNnxVpmXftpcSmd9\nMonzFtIDBbRRll4AHZYRbmXCzx63+VmelvdnufnbY82liol0zzBwJaBD1wyNlG0y\ni96p3Kx03bLNlIaYVGbjZeJi+6oo2VDWJ4OloLLAYoHDSipeHT9qWfUdnE6ge4Lm\nywIDAQAB\n-----END PUBLIC KEY-----\n" +} \ No newline at end of file diff --git a/nodes/strfry-1.json b/nodes/strfry-1.json new file mode 100644 index 0000000..50e5749 --- /dev/null +++ b/nodes/strfry-1.json @@ -0,0 +1,1318 @@ +{ + "name": "strfry-1", + "chef_environment": "production", + "override": { + "apt": { + "unattended_upgrades": { + "allowed_origins": [ + "${distro_id}:${distro_codename}-security", + "${distro_id}:${distro_codename}-updates" + ], + "mail": "ops@kosmos.org", + "syslog_enable": true + } + }, + "set_fqdn": "*", + "akkounts": { + "btcpay": { + "public_url": "https://btcpay.kosmos.org", + "store_id": "FNJVVsrVkKaduPDAkRVchdegjwzsNhpceAdonCaXAwBX" + }, + "ejabberd": { + "admin_url": "https://xmpp.kosmos.org:5443/admin" + }, + "lndhub": { + "public_url": "https://lndhub.kosmos.org", + "public_key": "024cd3be18617f39cf645851e3ba63f51fc13f0bb09e3bb25e6fd4de556486d946" + }, + "nostr": { + "public_key": "b3e1b7c1660b7db0ecb93ec55c09e67961171a5c4e9e2602f1b47477ea61c50a" + } + }, + "discourse": { + "domain": "community.kosmos.org" + }, + "droneci": { + "public_url": "https://drone.kosmos.org" + }, + "ejabberd": { + "turn_domain": "turn.kosmos.org" + }, + "email": { + "domain": "kosmos.org", + "hostname": "mail.kosmos.org", + "report_contact": "abuse@kosmos.org", + "virtual_aliases": { + "admin@kosmos.org": "ops@kosmos.org", + "ops@kosmos.org": "ops@5apps.com", + "webmaster": "mail@kosmos.org", + "hostmaster@kosmos.org": "mail@kosmos.org", + "postmaster@kosmos.org": "mail@kosmos.org", + "abuse@kosmos.org": "mail@kosmos.org", + "mail@kosmos.org": "foundation@kosmos.org" + } + }, + "garage": { + "replication_mode": "2", + "s3_api_root_domain": "s3.kosmos.org", + "s3_web_root_domain": "web.s3.kosmos.org", + "s3_web_domains": [ + "media.kosmos.chat", + "s3.accounts.kosmos.org", + "s3.community.kosmos.org", + "s3.kosmos.social" + ], + "xmpp_upload_bucket": "kosmos-xmpp-uploads" + }, + "gitea": { + "domain": "gitea.kosmos.org", + "postgresql_host": "pg.kosmos.local:5432", + "config": { + "storage": { + "type": "minio", + "endpoint": "localhost:3900", + "location": "garage", + "use_ssl": "false" + } + } + }, + "kosmos_kvm": { + "backup": { + "nodes_excluded": [ + "garage-", + "lq-", + "rsk-", + "postgres-6" + ] + } + }, + "kosmos-mastodon": { + "domain": "kosmos.social", + "user_address_domain": "kosmos.social", + "s3_endpoint": "http://localhost:3900", + "s3_region": "garage", + "s3_bucket": "kosmos-social", + "s3_alias_host": "s3.kosmos.social", + "libre_translate_endpoint": "http://127.0.0.1:5000", + "alternate_domains": [ + "mastodon.w7nooprauv6yrnhzh2ajpcnj3doinked2aaztlwfyt6u6pva2qdxqhid.onion" + ] + }, + "liquor-cabinet": { + "ufw_source_allowed": "10.1.1.0/24", + "redis_port": 6379, + "redis_db": 1, + "s3_endpoint": "http://localhost:3900", + "s3_region": "garage", + "s3_bucket": "rs-kosmos", + "domain": "storage.kosmos.org", + "root_redirect_url": "https://accounts.kosmos.org" + }, + "mediawiki": { + "url": "https://wiki.kosmos.org" + }, + "sentry": { + "allowed_ips": "10.1.1.0/24" + }, + "strfry": { + "domain": "nostr.kosmos.org", + "real_ip_header": "x-real-ip", + "policy_path": "/opt/strfry-policy.ts", + "info": { + "name": "Kosmos Relay", + "description": "Members-only nostr relay for kosmos.org users", + "pubkey": "1f79058c77a224e5be226c8f024cacdad4d741855d75ed9f11473ba8eb86e1cb", + "contact": "ops@kosmos.org" + } + } + }, + "normal": { + "knife_zero": { + "host": "10.1.1.164" + } + }, + "default": { + "audit": { + "inspec_backend_cache": true, + "reporter": null, + "fetcher": null, + "insecure": null, + "quiet": true, + "profiles": { + + }, + "inputs": { + + }, + "attributes": { + + }, + "waiver_file": null, + "json_file": { + "location": "/var/chef/compliance_reports/compliance-20240611204645.json" + }, + "run_time_limit": 1.0, + "result_message_limit": 10000, + "result_include_backtrace": false, + "control_results_limit": 50, + "chef_node_attribute_enabled": true, + "compliance_phase": false, + "interval": { + "enabled": false, + "time": 1440 + } + }, + "apt": { + "cacher_dir": "/var/cache/apt-cacher-ng", + "cacher_interface": null, + "cacher_port": 3142, + "compiletime": false, + "compile_time_update": false, + "key_proxy": "", + "periodic_update_min_delay": 86400, + "launchpad_api_version": "1.0", + "unattended_upgrades": { + "enable": false, + "update_package_lists": true, + "allowed_origins": [ + "Ubuntu jammy" + ], + "origins_patterns": [ + + ], + "package_blacklist": [ + + ], + "auto_fix_interrupted_dpkg": false, + "minimal_steps": false, + "install_on_shutdown": false, + "mail": null, + "sender": null, + "mail_only_on_error": true, + "remove_unused_dependencies": false, + "automatic_reboot": false, + "automatic_reboot_time": "now", + "dl_limit": null, + "random_sleep": null, + "syslog_enable": false, + "syslog_facility": "daemon", + "dpkg_options": [ + + ] + }, + "cacher_client": { + "cacher_server": { + + } + }, + "confd": { + "force_confask": false, + "force_confdef": false, + "force_confmiss": false, + "force_confnew": false, + "force_confold": false, + "install_recommends": true, + "install_suggests": false + } + }, + "firewall": { + "allow_ssh": false, + "allow_winrm": false, + "allow_mosh": false, + "allow_loopback": false, + "allow_icmp": false, + "firewalld": { + "permanent": false + }, + "iptables": { + "defaults": { + "policy": { + "input": "DROP", + "forward": "DROP", + "output": "ACCEPT" + }, + "ruleset": { + "*filter": 1, + ":INPUT DROP": 2, + ":FORWARD DROP": 3, + ":OUTPUT ACCEPT": 4, + "COMMIT_FILTER": 100 + } + } + }, + "ubuntu_iptables": false, + "redhat7_iptables": false, + "allow_established": true, + "ipv6_enabled": true, + "ufw": { + "defaults": { + "ipv6": "yes", + "manage_builtins": "no", + "ipt_sysctl": "/etc/ufw/sysctl.conf", + "ipt_modules": "nf_conntrack_ftp nf_nat_ftp nf_conntrack_netbios_ns", + "policy": { + "input": "DROP", + "output": "ACCEPT", + "forward": "DROP", + "application": "SKIP" + } + } + }, + "windows": { + "defaults": { + "policy": { + "input": "blockinbound", + "output": "allowoutbound" + } + } + } + }, + "hostsfile": { + "path": null + }, + "hostname_cookbook": { + "hostsfile_ip": "127.0.1.1", + "hostsfile_aliases": [ + + ], + "hostsfile_include_hostname_in_aliases": true, + "append_hostsfile_ip": true + }, + "postfix": { + "packages": [ + "postfix" + ], + "mail_type": "client", + "relayhost_role": "relayhost", + "relayhost_port": "25", + "multi_environment_relay": false, + "use_procmail": false, + "use_alias_maps": false, + "use_transport_maps": false, + "use_access_maps": false, + "use_virtual_aliases": false, + "use_virtual_aliases_domains": false, + "use_relay_restrictions_maps": false, + "transports": { + + }, + "access": { + + }, + "virtual_aliases": { + + }, + "virtual_aliases_domains": { + + }, + "main_template_source": "postfix", + "master_template_source": "postfix", + "sender_canonical_map_entries": { + + }, + "smtp_generic_map_entries": { + + }, + "recipient_canonical_map_entries": { + + }, + "access_db_type": "hash", + "aliases_db_type": "hash", + "transport_db_type": "hash", + "virtual_alias_db_type": "hash", + "virtual_alias_domains_db_type": "hash", + "conf_dir": "/etc/postfix", + "aliases_db": "/etc/aliases", + "transport_db": "/etc/postfix/transport", + "access_db": "/etc/postfix/access", + "virtual_alias_db": "/etc/postfix/virtual", + "virtual_alias_domains_db": "/etc/postfix/virtual_domains", + "relay_restrictions_db": "/etc/postfix/relay_restrictions", + "main": { + "biff": "no", + "append_dot_mydomain": "no", + "myhostname": "strfry-1", + "mydomain": "strfry-1", + "myorigin": "$myhostname", + "mydestination": [ + "strfry-1", + "strfry-1", + "localhost.localdomain", + "localhost" + ], + "smtpd_use_tls": "yes", + "smtp_use_tls": "yes", + "smtpd_tls_mandatory_protocols": "!SSLv2,!SSLv3", + "smtp_tls_mandatory_protocols": "!SSLv2,!SSLv3", + "smtpd_tls_protocols": "!SSLv2,!SSLv3", + "smtp_tls_protocols": "!SSLv2,!SSLv3", + "smtp_sasl_auth_enable": "yes", + "mailbox_size_limit": 0, + "mynetworks": null, + "inet_interfaces": "loopback-only", + "smtp_tls_CAfile": "/etc/ssl/certs/ca-certificates.crt", + "smtpd_tls_CAfile": "/etc/ssl/certs/ca-certificates.crt", + "relayhost": "smtp.mailgun.org:587", + "smtp_sasl_password_maps": "hash:/etc/postfix/sasl_passwd", + "smtp_sasl_security_options": "noanonymous", + "smtpd_tls_cert_file": "/etc/ssl/certs/ssl-cert-snakeoil.pem", + "smtpd_tls_key_file": "/etc/ssl/private/ssl-cert-snakeoil.key", + "smtpd_tls_session_cache_database": "btree:${data_directory}/smtpd_scache", + "smtp_tls_session_cache_database": "btree:${data_directory}/smtp_scache", + "maildrop_destination_recipient_limit": 1, + "cyrus_destination_recipient_limit": 1 + }, + "cafile": "/etc/ssl/certs/ca-certificates.crt", + "master": { + "smtp": { + "active": true, + "order": 10, + "type": "inet", + "private": false, + "chroot": false, + "command": "smtpd", + "args": [ + + ] + }, + "submission": { + "active": false, + "order": 20, + "type": "inet", + "private": false, + "chroot": false, + "command": "smtpd", + "args": [ + "-o smtpd_enforce_tls=yes", + " -o smtpd_sasl_auth_enable=yes", + "-o smtpd_client_restrictions=permit_sasl_authenticated,reject" + ] + }, + "smtps": { + "active": false, + "order": 30, + "type": "inet", + "private": false, + "chroot": false, + "command": "smtpd", + "args": [ + "-o smtpd_tls_wrappermode=yes", + "-o smtpd_sasl_auth_enable=yes", + "-o smtpd_client_restrictions=permit_sasl_authenticated,reject" + ] + }, + "628": { + "active": false, + "order": 40, + "type": "inet", + "private": false, + "chroot": false, + "command": "qmqpdd", + "args": [ + + ] + }, + "pickup": { + "active": true, + "order": 50, + "type": "fifo", + "private": false, + "chroot": false, + "wakeup": "60", + "maxproc": "1", + "command": "pickup", + "args": [ + + ] + }, + "cleanup": { + "active": true, + "order": 60, + "type": "unix", + "private": false, + "chroot": false, + "maxproc": "0", + "command": "cleanup", + "args": [ + + ] + }, + "qmgr": { + "active": true, + "order": 70, + "type": "fifo", + "private": false, + "chroot": false, + "wakeup": "300", + "maxproc": "1", + "command": "qmgr", + "args": [ + + ] + }, + "tlsmgr": { + "active": true, + "order": 80, + "type": "unix", + "chroot": false, + "wakeup": "1000?", + "maxproc": "1", + "command": "tlsmgr", + "args": [ + + ] + }, + "rewrite": { + "active": true, + "order": 90, + "type": "unix", + "chroot": false, + "command": "trivial-rewrite", + "args": [ + + ] + }, + "bounce": { + "active": true, + "order": 100, + "type": "unix", + "chroot": false, + "maxproc": "0", + "command": "bounce", + "args": [ + + ] + }, + "defer": { + "active": true, + "order": 110, + "type": "unix", + "chroot": false, + "maxproc": "0", + "command": "bounce", + "args": [ + + ] + }, + "trace": { + "active": true, + "order": 120, + "type": "unix", + "chroot": false, + "maxproc": "0", + "command": "bounce", + "args": [ + + ] + }, + "verify": { + "active": true, + "order": 130, + "type": "unix", + "chroot": false, + "maxproc": "1", + "command": "verify", + "args": [ + + ] + }, + "flush": { + "active": true, + "order": 140, + "type": "unix", + "private": false, + "chroot": false, + "wakeup": "1000?", + "maxproc": "0", + "command": "flush", + "args": [ + + ] + }, + "proxymap": { + "active": true, + "order": 150, + "type": "unix", + "chroot": false, + "command": "proxymap", + "args": [ + + ] + }, + "smtpunix": { + "service": "smtp", + "active": true, + "order": 160, + "type": "unix", + "chroot": false, + "maxproc": "500", + "command": "smtp", + "args": [ + + ] + }, + "relay": { + "active": true, + "comment": "When relaying mail as backup MX, disable fallback_relay to avoid MX loops", + "order": 170, + "type": "unix", + "chroot": false, + "command": "smtp", + "args": [ + "-o smtp_fallback_relay=" + ] + }, + "showq": { + "active": true, + "order": 180, + "type": "unix", + "private": false, + "chroot": false, + "command": "showq", + "args": [ + + ] + }, + "error": { + "active": true, + "order": 190, + "type": "unix", + "chroot": false, + "command": "error", + "args": [ + + ] + }, + "discard": { + "active": true, + "order": 200, + "type": "unix", + "chroot": false, + "command": "discard", + "args": [ + + ] + }, + "local": { + "active": true, + "order": 210, + "type": "unix", + "unpriv": false, + "chroot": false, + "command": "local", + "args": [ + + ] + }, + "virtual": { + "active": true, + "order": 220, + "type": "unix", + "unpriv": false, + "chroot": false, + "command": "virtual", + "args": [ + + ] + }, + "lmtp": { + "active": true, + "order": 230, + "type": "unix", + "chroot": false, + "command": "lmtp", + "args": [ + + ] + }, + "anvil": { + "active": true, + "order": 240, + "type": "unix", + "chroot": false, + "maxproc": "1", + "command": "anvil", + "args": [ + + ] + }, + "scache": { + "active": true, + "order": 250, + "type": "unix", + "chroot": false, + "maxproc": "1", + "command": "scache", + "args": [ + + ] + }, + "maildrop": { + "active": true, + "comment": "See the Postfix MAILDROP_README file for details. To main.cf will be added: maildrop_destination_recipient_limit=1", + "order": 510, + "type": "unix", + "unpriv": false, + "chroot": false, + "command": "pipe", + "args": [ + "flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}" + ] + }, + "old-cyrus": { + "active": false, + "comment": "The Cyrus deliver program has changed incompatibly, multiple times.", + "order": 520, + "type": "unix", + "unpriv": false, + "chroot": false, + "command": "pipe", + "args": [ + "flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}" + ] + }, + "cyrus": { + "active": true, + "comment": "Cyrus 2.1.5 (Amos Gouaux). To main.cf will be added: cyrus_destination_recipient_limit=1", + "order": 530, + "type": "unix", + "unpriv": false, + "chroot": false, + "command": "pipe", + "args": [ + "user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}" + ] + }, + "uucp": { + "active": true, + "comment": "See the Postfix UUCP_README file for configuration details.", + "order": 540, + "type": "unix", + "unpriv": false, + "chroot": false, + "command": "pipe", + "args": [ + "flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)" + ] + }, + "ifmail": { + "active": false, + "order": 550, + "type": "unix", + "unpriv": false, + "chroot": false, + "command": "pipe", + "args": [ + "flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)" + ] + }, + "bsmtp": { + "active": true, + "order": 560, + "type": "unix", + "unpriv": false, + "chroot": false, + "command": "pipe", + "args": [ + "flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient" + ] + } + }, + "aliases": { + + }, + "sasl": { + "smtp_sasl_user_name": "postmaster@mg.kosmos.org", + "smtp_sasl_passwd": "f5a3ba8e20e01b6f2cca83b28d8cd2a6-c30053db-fc52c414" + }, + "sasl_password_file": "/etc/postfix/sasl_passwd" + }, + "ntp": { + "servers": [ + "0.pool.ntp.org", + "1.pool.ntp.org", + "2.pool.ntp.org", + "3.pool.ntp.org" + ], + "peers": [ + + ], + "restrictions": [ + + ], + "tinker": { + "panic": 0, + "allan": 1500, + "dispersion": 15, + "step": 0.128, + "stepout": 900 + }, + "restrict_default": "kod notrap nomodify nopeer noquery", + "packages": [ + "ntp" + ], + "service": "ntp", + "varlibdir": "/var/lib/ntp", + "driftfile": "/var/lib/ntp/ntp.drift", + "logfile": null, + "conffile": "/etc/ntp.conf", + "statsdir": "/var/log/ntpstats/", + "conf_owner": "root", + "conf_group": "root", + "var_owner": "ntp", + "var_group": "ntp", + "leapfile": "/etc/ntp.leapseconds", + "sync_clock": false, + "sync_hw_clock": false, + "listen": null, + "listen_network": null, + "ignore": null, + "apparmor_enabled": true, + "monitor": false, + "statistics": true, + "conf_restart_immediate": false, + "keys": null, + "trustedkey": null, + "requestkey": null, + "disable_tinker_panic_on_virtualization_guest": true, + "peer": { + "key": null, + "use_iburst": true, + "use_burst": false, + "minpoll": 6, + "maxpoll": 10 + }, + "server": { + "prefer": "", + "use_iburst": true, + "use_burst": false, + "minpoll": 6, + "maxpoll": 10 + }, + "orphan": { + "enabled": false, + "stratum": 5 + }, + "localhost": { + "noquery": false + }, + "use_cmos": false + }, + "timezone_iii": { + "timezone": "Etc/UTC", + "tzdata_dir": "/usr/share/zoneinfo", + "localtime_path": "/etc/localtime", + "use_symlink": false + }, + "kosmos_kvm": { + "host": { + "qemu_base_image": { + "url": "https://cloud-images.ubuntu.com/releases/jammy/release-20240514/ubuntu-22.04-server-cloudimg-amd64-disk-kvm.img", + "checksum": "2e7698b3ebd7caead06b08bd3ece241e6ce294a6db01f92ea12bcb56d6972c3f", + "path": "/var/lib/libvirt/images/base/ubuntu-22.04-server-cloudimg-amd64-disk-kvm-20240514.qcow2" + } + }, + "backup": { + "schedule": "0/3:00", + "nodes_excluded": [ + + ] + } + }, + "logrotate": { + "package": { + "name": "logrotate", + "source": null, + "version": null, + "provider": null, + "action": "upgrade" + }, + "directory": "/etc/logrotate.d", + "cron": { + "install": false, + "name": "logrotate", + "command": "/usr/sbin/logrotate /etc/logrotate.conf", + "minute": 35, + "hour": 2 + }, + "global": { + "weekly": true, + "rotate": 4, + "create": "", + "/var/log/wtmp": { + "missingok": true, + "monthly": true, + "create": "0664 root utmp", + "rotate": 1 + }, + "/var/log/btmp": { + "missingok": true, + "monthly": true, + "create": "0660 root utmp", + "rotate": 1 + } + } + }, + "backup": { + "dir": "/usr/local/lib/backup", + "default_model": true, + "compression": { + "best": true, + "fast": false + }, + "user": "backup", + "archives": { + + }, + "mysql": { + "databases": [ + + ], + "username": "root", + "host": "localhost" + }, + "postgresql": { + "databases": { + + }, + "username": "postgres", + "host": "localhost", + "port": 5432 + }, + "redis": { + "databases": [ + + ], + "host": "localhost", + "invoke_save": false, + "dump_dir": "/var/lib/redis" + }, + "orbit": { + "keep": 10 + }, + "cron": { + "hour": "05", + "minute": "7" + }, + "s3": { + "keep": 15, + "bucket": "kosmos-dev-backups" + } + }, + "ulimit": { + "pam_su_template_cookbook": null, + "users": { + + }, + "security_limits_directory": "/etc/security/limits.d", + "ulimit_overriding_sudo_file_name": "sudo", + "ulimit_overriding_sudo_file_cookbook": null + }, + "kosmos-dirsrv": { + "master_hostname": "ldap.kosmos.local" + }, + "strfry": { + "repo": "https://github.com/hoytech/strfry.git", + "revision": "master", + "download_url": null, + "checksum": null, + "user": "strfry", + "group": "strfry", + "db_path": "/var/lib/strfry", + "bind_ip": "0.0.0.0", + "real_ip_header": "", + "info": { + + }, + "policy_path": "", + "ldap_search_dn": "ou=kosmos.org,cn=users,dc=kosmos,dc=org" + }, + "ark": { + "apache_mirror": "http://apache.mirrors.tds.net", + "prefix_root": "/usr/local", + "prefix_bin": "/usr/local/bin", + "prefix_home": "/usr/local", + "tar": null, + "sevenzip_binary": null, + "package_dependencies": [ + "libtool", + "autoconf", + "make", + "unzip", + "rsync", + "gcc", + "autogen", + "shtool", + "pkg-config" + ] + }, + "deno": { + "version": "1.44.1", + "download_url": "https://github.com/denoland/deno/releases/download/v1.44.1/deno-x86_64-unknown-linux-gnu.zip", + "checksum": "b9ed6c90f12dd7751ad5f39e07f580f71a73e9947d2be703ea54086f8b9becfb" + }, + "msys2": { + "url": "http://downloads.sourceforge.net/project/msys2/Base/x86_64/msys2-base-x86_64-20160205.tar.xz", + "checksum": "7e97e2af042e1b6f62cf0298fe84839014ef3d4a3e7825cffc6931c66cc0fc20" + }, + "build-essential": { + "compile_time": false, + "msys2": { + "path": "\\msys2" + } + }, + "git": { + "prefix": "/usr/local", + "version": "2.17.1", + "url": "https://nodeload.github.com/git/git/tar.gz/v%{version}", + "checksum": "690f12cc5691e5adaf2dd390eae6f5acce68ae0d9bd9403814f8a1433833f02a", + "use_pcre": false, + "server": { + "base_path": "/srv/git", + "export_all": true + } + }, + "jemalloc": { + "version": "5.1.0", + "url": "https://github.com/jemalloc/jemalloc/releases/download/5.1.0/jemalloc-5.1.0.tar.bz2", + "checksum": "5396e61cc6103ac393136c309fae09e44d74743c86f90e266948c50f3dbb7268", + "configure": { + "munmap": true, + "lazy_lock": true, + "xmalloc": false, + "dss": false, + "mremap": false, + "stats": false, + "profiling": false, + "valgrind": false + } + }, + "yum": { + "main": { + "cachedir": "/var/cache/yum/$basearch/$releasever", + "distroverpkg": "ubuntu-release", + "alwaysprompt": null, + "assumeyes": null, + "bandwidth": null, + "best": null, + "bugtracker_url": null, + "clean_requirements_on_remove": null, + "color": null, + "color_list_available_downgrade": null, + "color_list_available_install": null, + "color_list_available_reinstall": null, + "color_list_available_upgrade": null, + "color_list_installed_extra": null, + "color_list_installed_newer": null, + "color_list_installed_older": null, + "color_list_installed_reinstall": null, + "color_search_match": null, + "color_update_installed": null, + "color_update_local": null, + "color_update_remote": null, + "commands": null, + "deltarpm": null, + "debuglevel": null, + "diskspacecheck": null, + "enable_group_conditionals": null, + "errorlevel": null, + "exactarch": null, + "exclude": null, + "excludepkgs": null, + "gpgcheck": true, + "group_package_types": null, + "groupremove_leaf_only": null, + "history_list_view": null, + "history_record": null, + "history_record_packages": null, + "http_caching": null, + "ip_resolve": null, + "installonly_limit": null, + "installonlypkgs": null, + "installroot": null, + "keepalive": null, + "keepcache": false, + "kernelpkgnames": null, + "localpkg_gpgcheck": false, + "logfile": "/var/log/yum.log", + "max_retries": null, + "mdpolicy": null, + "metadata_expire": null, + "mirrorlist_expire": null, + "multilib_policy": null, + "obsoletes": null, + "overwrite_groups": null, + "password": null, + "path": "/etc/yum.conf", + "persistdir": null, + "pluginconfpath": null, + "pluginpath": null, + "plugins": null, + "protected_multilib": null, + "protected_packages": null, + "proxy": null, + "proxy_password": null, + "proxy_username": null, + "recent": null, + "repo_gpgcheck": null, + "reposdir": null, + "reset_nice": null, + "rpmverbosity": null, + "showdupesfromrepos": null, + "skip_broken": null, + "skip_if_unavailable": null, + "ssl_check_cert_permissions": null, + "sslcacert": null, + "sslclientcert": null, + "sslclientkey": null, + "sslverify": null, + "syslog_device": null, + "syslog_facility": null, + "syslog_ident": null, + "throttle": null, + "timeout": null, + "tolerant": false, + "tsflags": null, + "username": null + } + }, + "openresty": { + "source": { + "version": "1.13.6.2", + "file_prefix": "openresty", + "checksum": "946e1958273032db43833982e2cec0766154a9b5cb8e67868944113208ff2942", + "name": "%{file_prefix}-%{version}", + "url": "https://openresty.org/download/%{name}.tar.gz", + "conf_path": "/etc/nginx/nginx.conf", + "prefix": "/usr/share", + "state": "/etc/chef_state.d", + "path": "/var/chef/cache", + "default_configure_flags": [ + "--prefix=/usr/share", + "--conf-path=/etc/nginx/nginx.conf", + "--sbin-path=/usr/sbin/nginx", + "--error-log-path=/var/log/nginx/error.log", + "--http-log-path=/var/log/nginx/access.log", + "--pid-path=/var/run/nginx.pid", + "--lock-path=/var/run/nginx.lock", + "--http-client-body-temp-path=/var/cache/nginx/client_temp", + "--http-proxy-temp-path=/var/cache/nginx/proxy_temp", + "--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp", + "--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp", + "--http-scgi-temp-path=/var/cache/nginx/scgi_temp", + "--with-ipv6", + "--with-md5-asm", + "--with-sha1-asm", + "--without-http_ssi_module", + "--without-mail_smtp_module", + "--without-mail_imap_module", + "--without-mail_pop3_module" + ] + }, + "dir": "/etc/nginx", + "log_dir": "/var/log/nginx", + "cache_dir": "/var/cache/nginx", + "run_dir": "/var/run", + "binary": "/usr/sbin/nginx", + "pid": "/var/run/nginx.pid", + "modules": [ + "http_ssl_module", + "http_gzip_static_module", + "http_gunzip_module", + "http_stub_status_module", + "http_secure_link_module", + "http_realip_module", + "http_flv_module", + "http_mp4_module", + "cache_purge_module" + ], + "extra_modules": [ + + ], + "configure_flags": [ + + ], + "user": "www-data", + "group": "www-data", + "user_system": true, + "user_shell": "/bin/false", + "user_home": "/var/www", + "ipv6": true, + "gzip": "on", + "gzip_http_version": "1.0", + "gzip_comp_level": "2", + "gzip_proxied": "any", + "gzip_vary": "off", + "gzip_buffers": null, + "gzip_types": [ + "text/plain", + "text/css", + "application/x-javascript", + "text/xml", + "application/xml", + "application/xml+rss", + "text/javascript", + "application/javascript", + "application/json", + "font/truetype", + "font/opentype", + "application/vnd.ms-fontobject", + "image/svg+xml" + ], + "keepalive": "on", + "keepalive_timeout": 5, + "keepalive_requests": 100, + "worker_processes": 4, + "worker_auto_affinity": true, + "worker_connections": 4096, + "worker_rlimit_nofile": null, + "multi_accept": false, + "try_aio": false, + "event": "epoll", + "server_names_hash_bucket_size": 64, + "client_max_body_size": "32M", + "client_body_buffer_size": "8K", + "large_client_header_buffers": "32 32k", + "types_hash_max_size": 2048, + "types_hash_bucket_size": 64, + "variables_hash_max_size": 1024, + "variables_hash_bucket_size": 64, + "open_file_cache": { + "max": 1000, + "inactive": "20s", + "valid": "30s", + "min_uses": "8", + "errors": "on" + }, + "log_formats": { + "main": "$remote_addr - $remote_user [$time_local] \"$request\" $status $body_bytes_sent \"$http_referer\" \"$http_user_agent\" \"$http_x_forwarded_for\"" + }, + "logrotate": true, + "logrotate_days": 7, + "logrotate_options": [ + "missingok", + "delaycompress", + "notifempty", + "compress", + "sharedscripts" + ], + "disable_access_log": true, + "default_site_enabled": false, + "custom_pcre": true, + "link_to_jemalloc": false, + "max_subrequests": 201, + "generate_dhparams": true, + "resolver": null, + "resolver_ttl": "10s", + "lua_package_path": null, + "lua_package_cpath": null, + "cache_purge": { + "version": "2.3", + "url": "https://codeload.github.com/FRiCKLE/ngx_cache_purge/tar.gz/2.3", + "checksum": "cb7d5f22919c613f1f03341a1aeb960965269302e9eb23425ccaabd2f5dcbbec" + }, + "pcre": { + "version": "8.41", + "url": "https://sourceforge.net/projects/pcre/files/pcre/8.41/pcre-8.41.tar.bz2/download", + "checksum": "e62c7eac5ae7c0e7286db61ff82912e1c0b7a0c13706616e94a7dd729321b530" + }, + "luarocks": { + "version": "3.9.2", + "url": "https://luarocks.org/releases/luarocks-3.9.2.tar.gz", + "checksum": "bca6e4ecc02c203e070acdb5f586045d45c078896f6236eb46aa33ccd9b94edb", + "default_rocks": { + + } + }, + "or_modules": { + "luajit": true, + "luajit_binary": "2.1.0-beta1", + "iconv": true, + "drizzle": false, + "postgres": false + }, + "realip": { + "header": "X-Forwarded-For", + "addresses": [ + "127.0.0.1" + ], + "recursive": false + }, + "service": { + "recipe": "openresty::service_init", + "resource": "service[nginx]", + "restart_on_update": true, + "start_on_boot": true, + "defaults_file_template": "nginx.sysconfig.erb", + "defaults_file_cookbook": "openresty" + }, + "status": { + "url": "/nginx-status", + "allowed_ips": [ + + ] + }, + "upload_progress": { + "url": "https://github.com/masterzen/nginx-upload-progress-module/archive/v0.9.0.tar.gz", + "checksum": "93e29b9b437a2e34713de54c2861ea51151624aca09f73f9f44d1caaff01a6b1" + } + } + }, + "automatic": { + "fqdn": "strfry-1", + "os": "linux", + "os_version": "5.15.0-1060-kvm", + "hostname": "strfry-1", + "ipaddress": "192.168.122.54", + "roles": [ + "base", + "kvm_guest", + "strfry", + "ldap_client" + ], + "recipes": [ + "kosmos-base", + "kosmos-base::default", + "kosmos_kvm::guest", + "kosmos-dirsrv::hostsfile", + "strfry", + "strfry::default", + "kosmos_strfry::policies", + "kosmos_strfry::firewall", + "apt::default", + "timezone_iii::default", + "timezone_iii::debian", + "ntp::default", + "ntp::apparmor", + "kosmos-base::systemd_emails", + "apt::unattended-upgrades", + "kosmos-base::firewall", + "kosmos-postfix::default", + "postfix::default", + "postfix::_common", + "postfix::_attributes", + "postfix::sasl_auth", + "hostname::default", + "deno::default" + ], + "platform": "ubuntu", + "platform_version": "22.04", + "cloud": null, + "chef_packages": { + "chef": { + "version": "18.4.12", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.4.12/lib", + "chef_effortless": null + }, + "ohai": { + "version": "18.1.11", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.11/lib/ohai" + } + } + }, + "run_list": [ + "role[base]", + "role[kvm_guest]", + "role[strfry]" + ] +} \ No newline at end of file